Containers Firewall

[PmUserZFS]

I enable firewall with just a DROP line, but nothing is enbled all ports are open, why ? How you do enable the firewall if not by crossing the enable box ?

Firewall is enabled for datacenter and the pve node (single node at home)

 

[Moayad]

Hi,

Please post config for the LXC container that you enabled the firewall on it pct config VMID

 

[PmUserZFS]

There is config in proxmox webb gui, but none seen in cli.

➜ ~ pct config 105
arch: amd64
cores: 4
hostname: xxxxx
memory: 1024
mp0: xxxxx
net0: name=eth0,bridge=vmbr0,gw=10.10.1.1,hwaddr=bE:40:1A:fA:90:15,ip=10.10.11.7/24,tag=10,type=veth
ostype: ubuntu
rootfs: zfs-containers:subvol-105-disk-2,size=8G
swap: 1024

 

[Moayad]

Hi,

Please go to LXC -> Network click Edit and enable the Firewall


hope that helps!

 

[PmUserZFS]

Somehow it got disabled , maybe during restart one pve firewall. Any how same result

 

[Moayad]

Did you enabled firewall on LXC Container?

 

[PmUserZFS]

Im using OVS.

Did you enabled firewall on LXC Container?

Yes

 

[dustojnikhummer]

Hi,

Please go to LXC -> Network click Edit and enable the Firewall


hope that helps!

I know it's an old thread, but thanks! I didn't realize I had to enable firewall both in the LXC Network settings AND in the LXC Firewall settings.

 

[LnxBil]

I know it's an old thread, but thanks! I didn't realize I had to enable firewall both in the LXC Network settings AND in the LXC Firewall settings.

And the datacenter level ... all need to be turned on in order that it works.

We have an automatic check for all our guests from the inside that tests if a special port is blocked and therefore we know that the firewall is correctly turned on. If it's reachable, someone forgot to check some boxes and can solve the problem.